ClamAV thinks Wine contains a rootkit?

doh123
Level 8
Posts: 1227
Joined: Tue Jul 14, 2009 1:21 pm

ClamAV thinks Wine contains a rootkit?

Post by doh123 »

Anyone wanna explain why ClamAV thinks Wine has a rootkit in it?

It finds "mountmgr.sys" and "usbd.sys" as "BC.Heuristics.Rootkit.B"

This is not altered Wine.. or even used... but it happens just pure straight up compile from source Wine even if it's never been run.... it's finding them in the fakedlls folder.

I have not tried on Linux, only on Mac OS X, using the ClamAV 0.96.2 base.
dimesio
Moderator
Posts: 13373
Joined: Tue Mar 25, 2008 10:30 pm

Re: ClamAV thinks Wine contains a rootkit?

Post by dimesio »

doh123 wrote: Anyone wanna explain why ClamAV thinks Wine has a rootkit in it?

It finds "mountmgr.sys" and "usbd.sys" as "BC.Heuristics.Rootkit.B"

This is not altered Wine.. or even used... but it happens just pure straight up compile from source Wine even if it's never been run.... it's finding them in the fakedlls folder.

I have not tried on Linux, only on Mac OS X, using the ClamAV 0.96.2 base.

You're the second person to ask. http://forum.winehq.org/viewtopic.php?t=9725

Someone should report this to ClamAV.
doh123
Level 8
Posts: 1227
Joined: Tue Jul 14, 2009 1:21 pm

Post by doh123 »

Thanks.... the search here is pretty bad... I searched for all kindsa stuff about this for the wiki and the forum and it never turned up that post.
doh123
Level 8
Posts: 1227
Joined: Tue Jul 14, 2009 1:21 pm

Post by doh123 »

I couldn't find a bug on it over there... so I just opened one...

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2309